Report: North Korea’s Lazarus Hackers Have Stolen $571M In Crypto

North Korean Lazarus Hacking Group Thrashes Crypto Exchanges

You may not have heard of them, but reports claim that the North Korea-based Lazarus hacker consortium is responsible for some of the crypto industry’s most-damaging hacks in the past 12 months. As reported by Etehreum World News in late-August, at one point, the group reportedly utilized a piece of malware, dubbed “Applejeus,” that wreaked havoc on an unnamed exchange platform.

Although the exact extent of Lazarus’ quickly growing sphere of influence is still unknown, The Next Web’s Hard Fork recently revealed that the group is directly tied to the attacks on the following five cryptocurrency platforms — CoinCheck, YouBit, Coinis, Bithumb, and Yapizon.

Interestingly enough, it was noted that Lazarus was likely not responsible for the recent hacks on the Zaif, Bancor, and Coinrail platforms.

Citing an exclusive report from Group-IB, a world-renowned cybersecurity company, it was claimed that while the collective hacking efforts from “internet baddies” have seen $882 million in crypto assets stolen from exchanges, the elusive Lazarus group was responsible for the lion’s share of the funds stolen. More specifically, out of the 14 reported attacks on exchanges since January of last year, the North Korean hacker collective was responsible for five hacks, which were collectively responsible for the loss of $571 million in stolen crypto assets.

It is unclear how the funds stolen by Lazarus have been used, but it is widely believed that the hermit nation has been doing its best to bolster its cryptocurrency holdings to bypass international sanctions through a series of questionable practices.

Surprisingly, the document went on to claim hackers, like the Lazarus group, have used traditional methods and tools, such as spear phishing, social engineering, and malware, to gain unauthorized entry into the inner workings of crypto platforms.

Discussing the topic of spear phishing and its relation to exchange security breaches in detail, Group-IB wrote:

Spear phishing remains the major vector of attack on corporate networks. For instance, fraudsters deliver malware under the cover of CV spam [with an attachment] that has a malware embedded in the document… After the local network is successfully compromised, the hackers browse the local network to find work stations and servers used working with private cryptocurrency wallets.

This sounds like a security concern that can easily be patched… right? Well, the Moscow-based technology company went on to note that hacks on exchanges will only become more common as this industry continues to gain traction, as hacker groups may “shift their attention to cryptocurrency exchanges” due to the sheer amount of capital flowing through crypto on a day-to-day basis.

Phishing ICO Attempts, 51% Attacks Remain A Hot Topic Within The Hacker Community

The report also touched on two other hot topics in the cryptocurrency hacking scene — ICO phishing scams and 51% attacks on PoW-based blockchain networks.

Per data gathered by Group-IB, approximately 10% of all funds raised by ICOs in the past 18 months have been stolen by phishers, which is a colossal amount considering that these crowdfunding efforts have raised billions of dollars.

51% attacks have reportedly seen their fair share of attention, claiming that hackers stole upwards of $18 million by taking over a multitude blockchain networks through brute force.

Although the data is varied from each attack-type to the next, one common theme is clear, which is that crypto-related hacking attempts are only slated to increase in the near future.

About author

Nick has been enamored with cryptocurrencies since foraying into the industry in 2013. He has since gotten involved as a reporter, covering news on a number of blockchain- and crypto-related outlets.
Email Nick: [email protected]